Feb 3, 2016, by Patrick Wardle
Gatekeeper is an anti-malware feature baked directly into OS X. Its single goal is to block the execution of untrusted code from the internet. Apple boldly claims that because of Gatekeeper, both trojans and tampered downloads are generically blocked. So hooray! Mac users are all secure…right? Well, perhaps not :/ Until now, there has been little technical information about Gatekeeper’s closed-source internals. This talk seeks to remedy this by exposing the inner workings of Gatekeeper and...
Feb 3, 2016, by Alex Bulazel
AVLeak is a tool for fingerprinting consumer antivirus emulators through automated black box testing. AVLeak can be used to extract information from AV emulators that may be used to detect their presence and evade detection, including environmental artifacts, OS API behavioral inconsistencies, emulation of network connectivity, timing inconsistencies, and CPU emulator “red pills”. These artifacts of emulation may be discovered through painstaking, time consuming binary reverse engineering,...
Feb 3, 2016, by Andrew Kalat
Most hackers have a massive digital footprint: social media, servers at co-location sites, servers at home, overly-complicated IT infrastructure, and various other IT gear connected in crazy ways. What happens when one of us suddenly dies? How do our loved ones pick up the pieces, figure out all of our random IT crap that we’ve set up, and move forward? This talk explores the challenges, opportunities, and lessons learned as I aided in figuring out the IT gear after the passing of a dear friend...
Feb 3, 2016, by Matt Dunwoody and Nick Carr
Every IR presents unique challenges. But–when an attacker uses PowerShell, WMI, Kerberos attacks, novel persistence mechanisms, seemingly unlimited C2 infrastructure and half-a-dozen rapidly-evolving malware families across a 100k node network to compromise the environment at a rate of 10 systems per day–the cumulative challenges can become overwhelming. This talk will showcase the obstacles overcome during one of the largest and most advanced breaches Mandiant has ever responded to, the...
Feb 3, 2016, by Balint Seeber
This presentation will explore how you can survey the wireless world of the radio spectrum to get an idea of the signals around you, and decode transmissions that can be received by pointing an antenna towards satellites in space. Both are accomplished using Software Defined Radio and open source software, and emphasis is placed on the security (or lack thereof) in these communications systems. Using a drone, you can create your very own airborne RF surveying platform, so that you can fly your...
Feb 3, 2016, by Kristin Paget
A few years ago I had cause to do some research into RFID “shielding” wallets, and decided that most of them weren’t very good. Even the good ones could be disabled by simply increasing power; I came away thoroughly unimpressed with the entire concept. I thought about it for a bit, and then came up with GuardBunny. It prevents RFID tags from being read in a different way – by jamming the reader with its own energy. In its current form GuardBunny provides decent protection but it isn’t...
Feb 3, 2016, by Joseph Hall and Ben Ramsey
Smart energy and building automation are powerful technologies with significant promise. Unfortunately, the global rush to connect as many devices to the network as possible leads to unintended vulnerabilities. The ability to physically damage hardware by abusing network access is particularly interesting. This talk has two goals: 1) introduce an open source tool for pen-testing proprietary Z-Wave wireless automation networks and 2) discuss a rapid process for destroying fluorescent lights....
Feb 3, 2016, by Joel Sandin
The platforms powering the growth of the Internet-of-Things include tried-and-true embedded Real-Time Operating Systems (RTOSes). These lean OSes are designed for performance and reliability, but they force application developers to use C and often lack the exploit mitigations implemented in consumer OSes. This unforgiving environment places the burden of security entirely on the programmer and makes the risk of memory corruption vulnerabilities on these increasingly ubiquitous systems very...
Feb 3, 2016, by Andrew Ruef and Rock Stevens
Big Data Analytics and Machine Learning are pervasive in the decision-making processes of major corporations and governments around the world. This fact introduces a new opportunity and attack vector for hackers — instead of stealing data, attackers can potentially influence or control the decisions of their victims. In our talk we highlight the poor decisions that developers make in their code that enables attackers to drastically skew machine learning models, deliver denial of service...
Feb 3, 2016, by Jon Bambenek
According to VirusTotal, almost 500,000 unique malware samples are seen by them every day. That doesn’t include all the malware VirusTotal doesn’t see. The sheer deluge of unique malware samples makes it difficult for incident responders to keep up to protect their networks. Even more difficult is the task for investigators and law enforcement to keep up with the size and number of command-and-control networks and criminal operations. The size and scope of malware may seem daunting, but...
Feb 3, 2016, by 3AlarmLampscooter
Are you a Bond villain, whistle-blower, clandestine operative, secret courier, paranoid schizophrenic or generally sketchy character who wants the ability to make your data go up in a puff of smoke at the drop of a hat when the bad guys close in? This talk will focus on implementing practical, low cost, and not entirely unsafe mobile data destruction solutions for your hopefully imaginary needs. Going beyond Shane Lawson, Bruce Potter, and Deviant Ollam’s 3U rackmount requirements from DEFCON...
Feb 3, 2016, by Rick Wesson
Explore a base level problem in static malware analysis, that we have too many samples to analyze, by leveraging the parallelization of GPGPUs — an advantage is gained by moving the problem into the visual plane and solving similarity by texture analysis in parallel. I’ve clustered a few hundred million PEs by organizing them by how they “look.” Debugging is accompanied by making movies of the visualization. The real utility of the art is speed. A malware sample can be analyzed on an...
Feb 3, 2016, by Sean Cassidy
LastPass holds all of your secrets. Its login prompts and alerts occur within the browser window, which attackers can control. When the victim visits the target site–which can look completely inconspicuous, such as a news website–after a delay a LastPass notification will appear if the user has LastPass installed prompting the user to log in because their session has expired. The log in screen, which always appears within the browser window, is customized for each browser and operating...
Feb 3, 2016, by Derek Atkins
The Algebraic Eraser (AE) is a Group Theoretic Public-Key Cryptosystem originally published in 2006 and designed specifically to work in constrained devices with limited CPU and power capabilities such as RFID and Internet of Things (IoT) devices. Algebraic Eraser Diffie-Hellman (AEDH) provides a key-agreement protocol that performs significantly better than ECC at the same security level in both hardware and software. One hardware implementation in 65nm CMOS performs 60-200 times better than...
Feb 3, 2016, by Greg Conti (moderator), Mara Tam, Vincenzo Iozzo, Jeff Moss, and Randy Wheeler
"[E]very speaker, every writer, every practitioner in the field of cyber security who has wished that its topic, and us with it, were taken seriously has gotten their wish….”[W]e” and the cyber security issue have never been more at the forefront of policy. And you ain’t seen nothing yet.’ — Dan Geer, “Cybersecurity as Realpolitik” We still haven’t. The regulatory and policy landscape around information security is expanding and shifting rapidly. Challenges faced by the...
Feb 3, 2016, by Jean-Philippe Aumasson
This is an extension of my DEFCON 23 talk “Quantum computers vs computers security” where I’ll tell you more about the recent 1000-qubit processor and about postquantum crypto’s latest developments. I’ll also tell you how today’s encryption systems are affected (PGP, TLS, OTR, and others) and what you should do if you believe that quantum computers will soon be working. Jean-Philippe (JP) Aumasson (@veorq) is Principal Cryptographer at Kudelski Security, in Switzerland. He designed...
Feb 5, 2016, by Nick Leiserson and Jen Ellis
In 2015, 74 bills containing the term “cybersecurity” were introduced in Congress; the Library of Congress approved a security research exemption for the DMCA; the President signed two cybersecurity-related Executive Orders; and various Government agencies debated how to control exports of intrusion technologies. This trend will continue in 2016 as more breaches and vulnerabilities hit the headlines, and technology continues to become more pervasive in our lives. Government policy impacts...
Feb 3, 2016, by Jessy Irwin
Every day, passionate security professionals encounter a common problem: after bringing a student or colleague up to speed on best practices, it feels like nothing stuck. Why does this happen? And how can we change it up to get better outcomes? This talk will help IT and security professionals find common ground with non-technical users. In addition to sharing people-friendly metaphors, it will give attendees a solid set of communication strategies, and approaches to educate the average user...
Feb 3, 2016, by Jaime Filson
#thingswikfound #omarax is a by-product of hunting for phishing and other badness on the internet. Each day I scan over 2 million newly created domains from a wide range of TLDs, locating everything from 8XX tech support scams to Brand name phishing attempts. Now I understand that scanning the internet for these things isn’t new in general, but I promise you that my approach is different (and at the very least an entertaining story). Jaime ‘WiK’ Filson (@jaimefilson) is a Research...
Feb 3, 2016, by David Schuetz
The great thing about standards is there are so many to choose from. That’s especially true in the realm of web and mobile application authentication. From Base-64 to OAuth, there are nearly as many ways to send your password to a server as there are ways to store that password. But how do these work? Is any one system better than another, and if so, why? Application testers need to understand how an app authenticates, in order to properly assess risk. Developers need to be able to make good...
Feb 3, 2016, by Professor Neil Gershenfeld
Prof. Neil Gershenfeld is the Director of MIT’s Center for Bits and Atoms. His unique laboratory is breaking down boundaries between the digital and physical worlds, from creating molecular quantum computers to virtuosic musical instruments. Technology from his lab has been seen and used in settings including New York’s Museum of Modern Art and rural Indian villages, the White House and the World Economic Forum, inner-city community centers and automobile safety systems, Las Vegas shows,...
Feb 3, 2016, by Jay Beale
In the system hardening space, we’ve been using chroot jails to contain compromised programs. These jails were better than nothing, but were easily escaped by many attackers. As Linux containers become more mature, we can use them to replace these jails. This talk will teach you how to use Linux Containers, through both Docker and Ubuntu’s new LXD, to create far better jails for programs, containing their compromise. You will leave this demo-heavy talk immediately able to use both...
Feb 3, 2016, by Alex Moneger
With the ever growing number of attacks against SSL/TLS, quick turnaround time is required to write proof of concept code to test new attacks. Extending existing TLS stacks to implement such code is difficult and error prone. Due to that need, we developed an offensive focused TLS stack which allows one to quickly prototype attacks against all elements of the stack (protocol, crypto, certificates, …). scapy-ssl_tls is an offensive TLS stack which lives above scapy. I will demonstrate how to look...
Feb 3, 2016, by Carl Vincent
This talk focuses on showcasing examples of the GO programming language being utilized to rapidly prototype, and ultimately maintain software designed to perform common or useful post-exploitation tasks. Source code for each feature will be provided, and is intended to exaggerate the limited amount of code and code familiarity required to construct relatively complex payloads capable of performing offensive security tasks fully either in an automated, or fully autonomous context. Carl is a...
Feb 3, 2016, by Robbie Gallagher
We’ve taken a novel approach to automating the determination of a phisher’s geographic location. With the help of Markov chains, we craft honeypot responses to phishers’ emails in an attempt to beat them at their own game. We’ll examine the underlying concepts, implementation of the system, and reveal some of the results from our ongoing experiment. Robbie Gallagher is a security engineer with Atlassian in Austin, Texas. He received his bachelor’s degree in applied computing...
Feb 3, 2016, by Trey Herr and Eric Armbrust
How can political and computer science get together to make something beautiful? The pervasive development and deployment of malicious software by states presents a new challenge for the information security and policy communities because of the resource advantage and legal status of governments. The difference between state and non-state authored code is typically described in vague terms of sophistication, contributing to the inaccurate confirmation bias of many that states simply ‘do it...
Feb 3, 2016, by The Shmoo Group
For eleven years, we’ve chosen to stand up and share all the ins and outs and inner workings of the con. Why stop now? Join us to get the break down of budget, an insight to the CFP process, a breakdown of the hours it takes to put on a con like ShmooCon, and anything else you might want to talk about. This is an informative, fast paced, and generally fun session as Bruce dances on stage, and Heidi tries to hide from the mic. Seriously though–if you ever wanted to know How, When, or...
Feb 3, 2016, by Karl Koscher
Over the past few years, interest in ICS/SCADA systems security has grown immensely. However, most of this interest has been focused on IP-connected SCADA networks, largely ignoring numerous deployments relying on other technologies such as wireless serial links. In this talk, I’ll introduce a new GNU Radio module which lets you sniff SCADA networks that use a popular RF modem for their communications. I’ll also describe the process of reverse-engineering the proprietary RF protocol used....
Feb 3, 2016, by Kurt Opsahl, Andrew Crocker, Bill Buddington, and Eva Galperin
Get the latest information about how the law is racing to catch up with technological change from staffers at the Electronic Frontier Foundation, the nation’s premiere digital civil liberties group fighting for freedom and privacy in the computer age. This session will include updates on current EFF issues such as NSA surveillance and fighting efforts to use intellectual property claims to shut down free speech and halt innovation, discussion of our technology projects to protect privacy and...
Feb 3, 2016, by Joshua Pitts
To hide data from the forensic practitioner you need to exploit either a gap in their knowledge, their processes, and/or their tools. This is a talk about all three in regards to Apple OS X and iOS code signing. Much research has been conducted around code signing with respect to preventing malicious code execution at binary load time. This is strictly about forensics, binary tampering, and data smuggling. Josh Pitts (@midnite_runr) likes to write code that patches code with other code via The...
Feb 3, 2016, by Stephen Breen
Microsoft Windows has a long history of outstanding security vulnerabilities that many of us in the security industry are well aware of. Microsoft has released advisories with mitigations for some of these vulnerabilities, however due to compatibility, performance, and time/budget constraints, these mitigations are often not deployed consistently. In this project we take advantage of a number of these issues to develop a local privilege escalation exploit for Microsoft Windows that is safe and...
Feb 3, 2016, by The Shmoo Group
The attendees of Shmoocon 2016 are welcomed to the conference, given basic information about the conference’s offerings, and the events to look forward to.
Feb 3, 2016, by Sarah Rees and Jonathan Medina
In the age of an “Internet of Things,” centralized control over a wide variety of devices is creeping down from the clouds and into our everyday lives. Software Defined Networking (SDN) is replacing traditional networks with some of the biggest names in the tech industry. Google, Microsoft, Facebook, Yahoo, Amazon, and AT&T are utilizing SDN for its advanced flexibility and automated network control. Unfortunately some functions of SDN and the OpenFlow protocol should be raising...
Feb 3, 2016, by Roger Piqueras Jover
The Long Term Evolution (LTE) is the newest standard being deployed globally for mobile communications. Despite the well understood security flaws of legacy 2G networks, which lack mutual authentication and implement an outdated encryption algorithm, LTE is generally considered secure given its mutual authentication and strong encryption scheme. To this day, the main cellular vulnerabilities being exploited in most IMSI catchers and stingrays are based on 2G base stations. Nevertheless, rogue...
Feb 3, 2016, by Gillian Andrews and Sara Sinclair Brody
As a technologist you craft systems that are reliable, scalable, and maintainable. As a security specialist you think adversarially and poke holes in every apparatus you encounter, be it technical, social, or socio-technical. These skills are orthogonal to the ones that good user-experience (UX) designers employ in making software that is usable by “average” people, which is probably why so many security tools suck. In this talk you’ll see why your approach to designing software...
Feb 3, 2016, by Matt Blaze (moderator), Greg Conti, Rick Forno, and Jeff Foster
As information security grows nearly exponentially, it’s hard to remember back 15 years ago to a time when the industry was just starting to take off. At that time, most of the individuals in this industry were self taught with respect to this discipline. There were only a handful of information security programs in academia. Contrast that to today where there are hundreds of programs across the nation with new ones springing up every semester. As far as academia goes, that kind of growth...
Feb 3, 2016, by Rob Weiss and John Eberhardt
John & Rob have been developing interesting ideas in how to present large analytic results to analysts for making decisions in defending their networks. This idea is an evolution of a talk presented at THOTCON & CarolinaCon last year and development John & Rob have done over the past 4 years on streaming network analytics. We have developed a concept to provide the output network data and analytics through mathematically driven visualizations. In this example, we show 1024 analytics...
Feb 3, 2016, by Chris Eng
Every industry faces the challenge of securing software, so why do some industries “get it” while others struggle to manage the problem at scale? In this session, we will share data drawn from over 200,000 application assessments performed via Veracode’s cloud platform over an 18-month period. This is the largest data set of its kind, and it provides unique insight into the state of software security. Attendees can use this information to benchmark their AppSec program against peers,...
Feb 3, 2016, by Tyler Bohan and Brandon Edwards
Although OSX has had a large gain in popularity, its underlying workings are still unknown to many. In this talk we will discuss OSX internals and how they relate to security research. Specifically, we will discuss the debugging functionality provided (or missing) on OSX, how it differs from other platforms, and the resulting state of tools (LLDB) unwieldy for many security research tasks on modern OSX. For this talk we will open source our private OSX Python scriptable debugger as a...